Research And Implementation Of Intrusion Detection System Based On Immune Principle

Network security is one of the most focused issues of contemporary Internet users.With the increasing development of the Internet.Among them,firewall and intrusion detection are the two most typical network security monitoring techniques,the former is the static filtering of network data packets,and the latter is the dynamic analysis and processing of network data.In contrast,intrusion detection technology can collect and analyze a large number of key information in the network system.It has the advantages of safety monitoring and application.In this paper,based on the existing network security intrusion detection technology,combining with the application of immune principle,a strong artificial immune intrusion detection system is proposed.The construction of this system is completed mainly through two aspects: first,the structure of antibody factors in the immune algorithm program is optimized and the new structure is in the new structure.In the form of system design,the optimized antibody structure can more truly reflect the actual characteristics of various data in the Internet.Secondly,the system model with classification function is established by protocol analysis as the detection method.On the basis of the existing port number,IP address and protocol type,the system can be collected and analyzed in the transmission layer.A part of the network data information to deduce the actual situation of the application layer,and then to describe and judge the status of the network.Finally,the system is tested and validated by the network data simulation.The artificial immune intrusion detection system proposed in this paper is mainly composed of three functional modules: memory cell detection,immature cell tolerance and mature cell detection.In the early stage,the original network data(memory cells)were processed with refined data and processed by protocol analysis.And taxonomy tolerance(against immature cells).This process can avoid detecting vulnerabilities caused by too many data types,too large traffic volume and lack of pertinence.Figure 12;Table 6;Reference 60...